CVE-2006-7246
Advisory lineage Upstream: 0 Downstream: 2
Downstream
Modified
Published: 27 Jan 2020, 14:56
Last modified:07 Aug 2024, 20:57
Vulnerability Summary
Overall Risk (default)
medium
37/100 CVSS Score
6.8 MEDIUM
v3.1 (nvd)
EPSS Score
0.14% LOW
0% probability +0.08%
KEV
Not listed
Ransomware
No reports
Public exploits
3 found
Dark Web
Not detected
Timeline
27 Jan 2020, 14:56
Published
Vulnerability first disclosed
07 Aug 2024, 20:57
Last Modified
Vulnerability information updated
Description
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.
CVSS Metrics
- v3.1•MEDIUM•Score: 6.8CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
- v2.0•LOW•Score: 3.2AV:A/AC:H/Au:N/C:P/I:P/A:N
EPSS Trends
Current EPSS score: 0.14%• Percentile: 34%
Techniques & Countermeasures
- CWE-295•Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.
Affected Systems
- gnome•networkmanager
≥ 0.9.0, ≤ 0.9.9.98
- opensuse•opensuse
11.3 | 11.4 | 12.1
- suse•linux_enterprise_desktop
11:sp1
- suse•linux_enterprise_server
11:sp1